diff options
| author | t00fcxen <t00fcxen@9df1edf5-d72c-5b5f-11c0-5f5209eb73f7> | 2014-08-12 12:51:45 +0000 |
|---|---|---|
| committer | t00fcxen <t00fcxen@9df1edf5-d72c-5b5f-11c0-5f5209eb73f7> | 2014-08-12 12:51:45 +0000 |
| commit | fb3816eaffe5878bb1286adb120fd160da178a05 (patch) | |
| tree | 420d34617ce951f3904050896516ceb550d0be07 | |
| parent | 61a075e65a009a719c4265bfc4bfc433962ffc3f (diff) | |
| download | usrsctplib-fb3816eaffe5878bb1286adb120fd160da178a05.tar.gz | |
Sync with Mavericks sources.
git-svn-id: http://sctp-refimpl.googlecode.com/svn/trunk/KERN/usrsctp/usrsctplib@8959 9df1edf5-d72c-5b5f-11c0-5f5209eb73f7
| -rwxr-xr-x | netinet/sctp.h | 8 | ||||
| -rwxr-xr-x | netinet/sctp_asconf.c | 28 | ||||
| -rwxr-xr-x | netinet/sctp_auth.c | 19 | ||||
| -rwxr-xr-x | netinet/sctp_auth.h | 3 | ||||
| -rwxr-xr-x | netinet/sctp_input.c | 73 | ||||
| -rwxr-xr-x | netinet/sctp_output.c | 90 | ||||
| -rwxr-xr-x | netinet/sctp_pcb.c | 116 | ||||
| -rwxr-xr-x | netinet/sctp_pcb.h | 4 | ||||
| -rwxr-xr-x | netinet/sctp_peeloff.c | 6 | ||||
| -rwxr-xr-x | netinet/sctp_structs.h | 8 | ||||
| -rwxr-xr-x | netinet/sctp_sysctl.c | 108 | ||||
| -rwxr-xr-x | netinet/sctp_sysctl.h | 23 | ||||
| -rwxr-xr-x | netinet/sctp_usrreq.c | 136 | ||||
| -rwxr-xr-x | netinet/sctputil.c | 16 | ||||
| -rwxr-xr-x | user_socket.c | 7 | ||||
| -rw-r--r-- | usrsctp.h | 5 |
16 files changed, 451 insertions, 199 deletions
diff --git a/netinet/sctp.h b/netinet/sctp.h index d261312..f3c65de 100755 --- a/netinet/sctp.h +++ b/netinet/sctp.h @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp.h 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp.h 269858 2014-08-12 11:30:16Z tuexen $"); #endif #ifndef _NETINET_SCTP_H_ @@ -133,9 +133,11 @@ struct sctp_paramhdr { #define SCTP_REMOTE_UDP_ENCAPS_PORT 0x00000024 #define SCTP_ECN_SUPPORTED 0x00000025 #define SCTP_PR_SUPPORTED 0x00000026 -#define SCTP_NRSACK_SUPPORTED 0x00000027 -#define SCTP_PKTDROP_SUPPORTED 0x00000028 +#define SCTP_AUTH_SUPPORTED 0x00000027 +#define SCTP_ASCONF_SUPPORTED 0x00000028 #define SCTP_RECONFIG_SUPPORTED 0x00000029 +#define SCTP_NRSACK_SUPPORTED 0x00000030 +#define SCTP_PKTDROP_SUPPORTED 0x00000031 /* * read-only options diff --git a/netinet/sctp_asconf.c b/netinet/sctp_asconf.c index 536ab44..ea15b63 100755 --- a/netinet/sctp_asconf.c +++ b/netinet/sctp_asconf.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_asconf.c 267674 2014-06-20 13:26:49Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_asconf.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -731,13 +731,11 @@ sctp_handle_asconf(struct mbuf *m, unsigned int offset, } switch (param_type) { case SCTP_ADD_IP_ADDRESS: - asoc->peer_supports_asconf = 1; m_result = sctp_process_asconf_add_ip(src, aph, stcb, (cnt < SCTP_BASE_SYSCTL(sctp_hb_maxburst)), error); cnt++; break; case SCTP_DEL_IP_ADDRESS: - asoc->peer_supports_asconf = 1; m_result = sctp_process_asconf_delete_ip(src, aph, stcb, error); break; @@ -745,7 +743,6 @@ sctp_handle_asconf(struct mbuf *m, unsigned int offset, /* not valid in an ASCONF chunk */ break; case SCTP_SET_PRIM_ADDR: - asoc->peer_supports_asconf = 1; m_result = sctp_process_asconf_set_primary(src, aph, stcb, error); break; @@ -936,8 +933,6 @@ sctp_addr_match(struct sctp_paramhdr *ph, struct sockaddr *sa) void sctp_asconf_cleanup(struct sctp_tcb *stcb, struct sctp_nets *net) { - /* mark peer as ASCONF incapable */ - stcb->asoc.peer_supports_asconf = 0; /* * clear out any existing asconfs going out */ @@ -1348,7 +1343,7 @@ sctp_asconf_queue_add(struct sctp_tcb *stcb, struct sctp_ifa *ifa, int pending_delete_queued = 0; /* see if peer supports ASCONF */ - if (stcb->asoc.peer_supports_asconf == 0) { + if (stcb->asoc.asconf_supported == 0) { return (-1); } @@ -1440,7 +1435,7 @@ sctp_asconf_queue_sa_delete(struct sctp_tcb *stcb, struct sockaddr *sa) return (-1); } /* see if peer supports ASCONF */ - if (stcb->asoc.peer_supports_asconf == 0) { + if (stcb->asoc.asconf_supported == 0) { return (-1); } /* make sure the request isn't already in the queue */ @@ -1560,7 +1555,7 @@ sctp_asconf_find_param(struct sctp_tcb *stcb, uint32_t correlation_id) * notifications based on the error response */ static void -sctp_asconf_process_error(struct sctp_tcb *stcb, +sctp_asconf_process_error(struct sctp_tcb *stcb SCTP_UNUSED, struct sctp_asconf_paramhdr *aph) { struct sctp_error_cause *eh; @@ -1598,10 +1593,7 @@ sctp_asconf_process_error(struct sctp_tcb *stcb, switch (param_type) { case SCTP_ADD_IP_ADDRESS: case SCTP_DEL_IP_ADDRESS: - stcb->asoc.peer_supports_asconf = 0; - break; case SCTP_SET_PRIM_ADDR: - stcb->asoc.peer_supports_asconf = 0; break; default: break; @@ -1637,8 +1629,6 @@ sctp_asconf_process_param_ack(struct sctp_tcb *stcb, SCTPDBG(SCTP_DEBUG_ASCONF1, "process_param_ack: set primary IP address\n"); /* nothing to do... peer may start using this addr */ - if (flag == 0) - stcb->asoc.peer_supports_asconf = 0; break; default: /* should NEVER happen */ @@ -1656,11 +1646,11 @@ sctp_asconf_process_param_ack(struct sctp_tcb *stcb, * cleanup from a bad asconf ack parameter */ static void -sctp_asconf_ack_clear(struct sctp_tcb *stcb) +sctp_asconf_ack_clear(struct sctp_tcb *stcb SCTP_UNUSED) { /* assume peer doesn't really know how to do asconfs */ - stcb->asoc.peer_supports_asconf = 0; /* XXX we could free the pending queue here */ + } void @@ -2003,7 +1993,7 @@ sctp_addr_mgmt_assoc(struct sctp_inpcb *inp, struct sctp_tcb *stcb, /* queue an asconf for this address add/delete */ if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_DO_ASCONF)) { /* does the peer do asconf? */ - if (stcb->asoc.peer_supports_asconf) { + if (stcb->asoc.asconf_supported) { /* queue an asconf for this addr */ status = sctp_asconf_queue_add(stcb, ifa, type); @@ -2257,7 +2247,7 @@ sctp_asconf_iterator_stcb(struct sctp_inpcb *inp, struct sctp_tcb *stcb, } /* queue an asconf for this address add/delete */ if (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_DO_ASCONF) && - stcb->asoc.peer_supports_asconf) { + stcb->asoc.asconf_supported == 1) { /* queue an asconf for this addr */ status = sctp_asconf_queue_add(stcb, ifa, type); /* @@ -2903,7 +2893,7 @@ sctp_process_initack_addresses(struct sctp_tcb *stcb, struct mbuf *m, /* are ASCONFs allowed ? */ if ((sctp_is_feature_on(stcb->sctp_ep, SCTP_PCB_FLAGS_DO_ASCONF)) && - stcb->asoc.peer_supports_asconf) { + stcb->asoc.asconf_supported) { /* queue an ASCONF DEL_IP_ADDRESS */ status = sctp_asconf_queue_sa_delete(stcb, sa); /* diff --git a/netinet/sctp_auth.c b/netinet/sctp_auth.c index 49f95e1..00ff978 100755 --- a/netinet/sctp_auth.c +++ b/netinet/sctp_auth.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_auth.c 269396 2014-08-01 20:49:27Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_auth.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -135,11 +135,6 @@ sctp_auth_delete_chunk(uint8_t chunk, sctp_auth_chklist_t *list) if (list == NULL) return (-1); - /* is chunk restricted? */ - if ((chunk == SCTP_ASCONF) || - (chunk == SCTP_ASCONF_ACK)) { - return (-1); - } if (list->chunks[chunk] == 1) { list->chunks[chunk] = 0; list->num_chunks--; @@ -160,16 +155,6 @@ sctp_auth_get_chklist_size(const sctp_auth_chklist_t *list) } /* - * set the default list of chunks requiring AUTH - */ -void -sctp_auth_set_default_chunks(sctp_auth_chklist_t *list) -{ - (void)sctp_auth_add_chunk(SCTP_ASCONF, list); - (void)sctp_auth_add_chunk(SCTP_ASCONF_ACK, list); -} - -/* * return the current number and list of required chunks caller must * guarantee ptr has space for up to 256 bytes */ @@ -1554,7 +1539,7 @@ sctp_auth_get_cookie_params(struct sctp_tcb *stcb, struct mbuf *m, } } if (stcb->asoc.authinfo.random != NULL) - sctp_free_key(stcb->asoc.authinfo.random); + sctp_free_key(stcb->asoc.authinfo.random); stcb->asoc.authinfo.random = new_key; stcb->asoc.authinfo.random_len = random_len; sctp_clear_cachedkeys(stcb, stcb->asoc.authinfo.assoc_keyid); diff --git a/netinet/sctp_auth.h b/netinet/sctp_auth.h index eeff278..04649ad 100755 --- a/netinet/sctp_auth.h +++ b/netinet/sctp_auth.h @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_auth.h 257804 2013-11-07 18:50:11Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_auth.h 269858 2014-08-12 11:30:16Z tuexen $"); #endif #ifndef _NETINET_SCTP_AUTH_H_ @@ -116,7 +116,6 @@ extern sctp_auth_chklist_t *sctp_copy_chunklist(sctp_auth_chklist_t *chklist); extern int sctp_auth_add_chunk(uint8_t chunk, sctp_auth_chklist_t *list); extern int sctp_auth_delete_chunk(uint8_t chunk, sctp_auth_chklist_t *list); extern size_t sctp_auth_get_chklist_size(const sctp_auth_chklist_t *list); -extern void sctp_auth_set_default_chunks(sctp_auth_chklist_t *list); extern int sctp_serialize_auth_chunks(const sctp_auth_chklist_t *list, uint8_t *ptr); extern int sctp_pack_auth_chunks(const sctp_auth_chklist_t *list, diff --git a/netinet/sctp_input.c b/netinet/sctp_input.c index d04a081..1517829 100755 --- a/netinet/sctp_input.c +++ b/netinet/sctp_input.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_input.c 269753 2014-08-09 14:33:44Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_input.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -507,7 +507,7 @@ sctp_process_init_ack(struct mbuf *m, int iphlen, int offset, return (-1); } /* if the peer doesn't support asconf, flush the asconf queue */ - if (asoc->peer_supports_asconf == 0) { + if (asoc->asconf_supported == 0) { struct sctp_asconf_addr *param, *nparam; TAILQ_FOREACH_SAFE(param, &asoc->asconf_queue, next, nparam) { @@ -796,17 +796,16 @@ sctp_handle_nat_colliding_state(struct sctp_tcb *stcb) static int sctp_handle_nat_missing_state(struct sctp_tcb *stcb, struct sctp_nets *net) - { - /* return 0 means we want you to proceed with the abort - * non-zero means no abort processing - */ - if (stcb->asoc.peer_supports_auth == 0) { - SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_nat_missing_state: Peer does not support AUTH, cannot send an asconf\n"); - return (0); - } - sctp_asconf_send_nat_state_update(stcb, net); - return (1); + /* return 0 means we want you to proceed with the abort + * non-zero means no abort processing + */ + if (stcb->asoc.auth_supported == 0) { + SCTPDBG(SCTP_DEBUG_INPUT2, "sctp_handle_nat_missing_state: Peer does not support AUTH, cannot send an asconf\n"); + return (0); + } + sctp_asconf_send_nat_state_update(stcb, net); + return (1); } @@ -1136,6 +1135,7 @@ sctp_process_unrecog_chunk(struct sctp_tcb *stcb, struct sctp_paramhdr *phdr, * Skip past the param header and then we will find the param that caused the * problem. There are a number of param's in a ASCONF OR the prsctp param * these will turn of specific features. + * XXX: Is this the right thing to do? */ static void sctp_process_unrecog_param(struct sctp_tcb *stcb, struct sctp_paramhdr *phdr) @@ -1157,14 +1157,14 @@ sctp_process_unrecog_param(struct sctp_tcb *stcb, struct sctp_paramhdr *phdr) case SCTP_ADD_IP_ADDRESS: case SCTP_DEL_IP_ADDRESS: case SCTP_SET_PRIM_ADDR: - stcb->asoc.peer_supports_asconf = 0; + stcb->asoc.asconf_supported = 0; break; case SCTP_SUCCESS_REPORT: case SCTP_ERROR_CAUSE_IND: SCTPDBG(SCTP_DEBUG_INPUT2, "Huh, the peer does not support success? or error cause?\n"); SCTPDBG(SCTP_DEBUG_INPUT2, "Turning off ASCONF to this strange peer\n"); - stcb->asoc.peer_supports_asconf = 0; + stcb->asoc.asconf_supported = 0; break; default: SCTPDBG(SCTP_DEBUG_INPUT2, @@ -2928,6 +2928,8 @@ sctp_handle_cookie_echo(struct mbuf *m, int iphlen, int offset, inp->sctp_cmt_on_off = (*inp_p)->sctp_cmt_on_off; inp->ecn_supported = (*inp_p)->ecn_supported; inp->prsctp_supported = (*inp_p)->prsctp_supported; + inp->auth_supported = (*inp_p)->auth_supported; + inp->asconf_supported = (*inp_p)->asconf_supported; inp->reconfig_supported = (*inp_p)->reconfig_supported; inp->nrsack_supported = (*inp_p)->nrsack_supported; inp->pktdrop_supported = (*inp_p)->pktdrop_supported; @@ -3112,7 +3114,7 @@ sctp_handle_cookie_ack(struct sctp_cookie_ack_chunk *cp SCTP_UNUSED, * in flight) */ if ((sctp_is_feature_on(stcb->sctp_ep, SCTP_PCB_FLAGS_DO_ASCONF)) && - (stcb->asoc.peer_supports_asconf) && + (stcb->asoc.asconf_supported == 1) && (!TAILQ_EMPTY(&stcb->asoc.asconf_queue))) { #ifdef SCTP_TIMER_BASED_ASCONF sctp_timer_start(SCTP_TIMER_TYPE_ASCONF, @@ -4574,7 +4576,7 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, */ if ((ch->chunk_type == SCTP_AUTHENTICATION) && (stcb == NULL) && - !SCTP_BASE_SYSCTL(sctp_auth_disable)) { + (inp->auth_supported == 1)) { /* save this chunk for later processing */ auth_skipped = 1; auth_offset = *offset; @@ -4846,7 +4848,7 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, /* check to see if this chunk required auth, but isn't */ if ((stcb != NULL) && - !SCTP_BASE_SYSCTL(sctp_auth_disable) && + (stcb->asoc.auth_supported == 1) && sctp_auth_is_required_chunk(ch->chunk_type, stcb->asoc.local_auth_chunks) && !stcb->asoc.authenticated) { /* "silently" ignore */ @@ -5370,6 +5372,9 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, return (NULL); } if (stcb) { + if (stcb->asoc.ecn_supported == 0) { + goto unknown_chunk; + } if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { sctp_misc_ints(SCTP_THRESHOLD_CLEAR, stcb->asoc.overall_error_count, @@ -5395,6 +5400,9 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, return (NULL); } if (stcb) { + if (stcb->asoc.ecn_supported == 0) { + goto unknown_chunk; + } if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { sctp_misc_ints(SCTP_THRESHOLD_CLEAR, stcb->asoc.overall_error_count, @@ -5428,6 +5436,9 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, SCTPDBG(SCTP_DEBUG_INPUT3, "SCTP_ASCONF\n"); /* He's alive so give him credit */ if (stcb) { + if (stcb->asoc.asconf_supported == 0) { + goto unknown_chunk; + } if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { sctp_misc_ints(SCTP_THRESHOLD_CLEAR, stcb->asoc.overall_error_count, @@ -5452,6 +5463,9 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, return (NULL); } if ((stcb) && netp && *netp) { + if (stcb->asoc.asconf_supported == 0) { + goto unknown_chunk; + } /* He's alive so give him credit */ if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { sctp_misc_ints(SCTP_THRESHOLD_CLEAR, @@ -5481,6 +5495,10 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, /* He's alive so give him credit */ if (stcb) { int abort_flag = 0; + + if (stcb->asoc.prsctp_supported == 0) { + goto unknown_chunk; + } stcb->asoc.overall_error_count = 0; if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { sctp_misc_ints(SCTP_THRESHOLD_CLEAR, @@ -5536,12 +5554,7 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, return (NULL); } if (stcb->asoc.reconfig_supported == 0) { - /* - * hmm, peer should have announced this, but - * we will turn it on since he is sending us - * a stream reset. - */ - stcb->asoc.reconfig_supported = 1; + goto unknown_chunk; } if (sctp_handle_stream_reset(stcb, m, *offset, ch)) { /* stop processing */ @@ -5563,6 +5576,9 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, if (ch && (stcb) && netp && (*netp)) { + if (stcb->asoc.pktdrop_supported == 0) { + goto unknown_chunk; + } sctp_handle_packet_dropped((struct sctp_pktdrop_chunk *)ch, stcb, *netp, min(chk_length, (sizeof(chunk_buf) - 4))); @@ -5570,12 +5586,8 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, } break; - case SCTP_AUTHENTICATION: SCTPDBG(SCTP_DEBUG_INPUT3, "SCTP_AUTHENTICATION\n"); - if (SCTP_BASE_SYSCTL(sctp_auth_disable)) - goto unknown_chunk; - if (stcb == NULL) { /* save the first AUTH for later processing */ if (auth_skipped == 0) { @@ -5586,6 +5598,9 @@ sctp_process_control(struct mbuf *m, int iphlen, int *offset, int length, /* skip this chunk (temporarily) */ goto next_chunk; } + if (stcb->asoc.auth_supported == 0) { + goto unknown_chunk; + } if ((chk_length < (sizeof(struct sctp_auth_chunk))) || (chk_length > (sizeof(struct sctp_auth_chunk) + SCTP_AUTH_DIGEST_LEN_MAX))) { @@ -5951,7 +5966,7 @@ sctp_common_input_processing(struct mbuf **mm, int iphlen, int offset, int lengt * chunks */ if ((stcb != NULL) && - !SCTP_BASE_SYSCTL(sctp_auth_disable) && + (stcb->asoc.auth_supported == 1) && sctp_auth_is_required_chunk(SCTP_DATA, stcb->asoc.local_auth_chunks)) { /* "silently" ignore */ SCTP_STAT_INCR(sctps_recvauthmissing); @@ -5996,7 +6011,7 @@ sctp_common_input_processing(struct mbuf **mm, int iphlen, int offset, int lengt */ if ((length > offset) && (stcb != NULL) && - !SCTP_BASE_SYSCTL(sctp_auth_disable) && + (stcb->asoc.auth_supported == 1) && sctp_auth_is_required_chunk(SCTP_DATA, stcb->asoc.local_auth_chunks) && !stcb->asoc.authenticated) { /* "silently" ignore */ diff --git a/netinet/sctp_output.c b/netinet/sctp_output.c index 392e4e9..4d76e7d 100755 --- a/netinet/sctp_output.c +++ b/netinet/sctp_output.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_output.c 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_output.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -5102,12 +5102,6 @@ sctp_send_initiate(struct sctp_inpcb *inp, struct sctp_tcb *stcb, int so_locked } chunk_len = (uint16_t)sizeof(struct sctp_init_chunk); padding_len = 0; - /* - * assume peer supports asconf in order to be able to queue - * local address changes while an INIT is in flight and before - * the assoc is established. - */ - stcb->asoc.peer_supports_asconf = 1; /* Now lets put the chunk header in place */ init = mtod(m, struct sctp_init_chunk *); /* now the chunk header */ @@ -5164,31 +5158,34 @@ sctp_send_initiate(struct sctp_inpcb *inp, struct sctp_tcb *stcb, int so_locked /* And now tell the peer which extensions we support */ num_ext = 0; pr_supported = (struct sctp_supported_chunk_types_param *)(mtod(m, caddr_t) + chunk_len); - pr_supported->ph.param_type = htons(SCTP_SUPPORTED_CHUNK_EXT); - pr_supported->chunk_types[num_ext++] = SCTP_ASCONF; - pr_supported->chunk_types[num_ext++] = SCTP_ASCONF_ACK; if (stcb->asoc.prsctp_supported == 1) { pr_supported->chunk_types[num_ext++] = SCTP_FORWARD_CUM_TSN; } - if (stcb->asoc.pktdrop_supported == 1) { - pr_supported->chunk_types[num_ext++] = SCTP_PACKET_DROPPED; + if (stcb->asoc.auth_supported == 1) { + pr_supported->chunk_types[num_ext++] = SCTP_AUTHENTICATION; + } + if (stcb->asoc.asconf_supported == 1) { + pr_supported->chunk_types[num_ext++] = SCTP_ASCONF; + pr_supported->chunk_types[num_ext++] = SCTP_ASCONF_ACK; } if (stcb->asoc.reconfig_supported == 1) { pr_supported->chunk_types[num_ext++] = SCTP_STREAM_RESET; } - if (!SCTP_BASE_SYSCTL(sctp_auth_disable)) { - pr_supported->chunk_types[num_ext++] = SCTP_AUTHENTICATION; - } if (stcb->asoc.nrsack_supported == 1) { pr_supported->chunk_types[num_ext++] = SCTP_NR_SELECTIVE_ACK; } - parameter_len = (uint16_t)sizeof(struct sctp_supported_chunk_types_param) + num_ext; - pr_supported->ph.param_length = htons(parameter_len); - padding_len = SCTP_SIZE32(parameter_len) - parameter_len; - chunk_len += parameter_len; - + if (stcb->asoc.pktdrop_supported == 1) { + pr_supported->chunk_types[num_ext++] = SCTP_PACKET_DROPPED; + } + if (num_ext > 0) { + parameter_len = (uint16_t)sizeof(struct sctp_supported_chunk_types_param) + num_ext; + pr_supported->ph.param_type = htons(SCTP_SUPPORTED_CHUNK_EXT); + pr_supported->ph.param_length = htons(parameter_len); + padding_len = SCTP_SIZE32(parameter_len) - parameter_len; + chunk_len += parameter_len; + } /* add authentication parameters */ - if (!SCTP_BASE_SYSCTL(sctp_auth_disable)) { + if (stcb->asoc.auth_supported) { /* attach RANDOM parameter, if available */ if (stcb->asoc.authinfo.random != NULL) { struct sctp_auth_random *randp; @@ -5206,8 +5203,7 @@ sctp_send_initiate(struct sctp_inpcb *inp, struct sctp_tcb *stcb, int so_locked chunk_len += parameter_len; } /* add HMAC_ALGO parameter */ - if ((stcb->asoc.local_hmacs != NULL) && - (stcb->asoc.local_hmacs->num_algo > 0)) { + if (stcb->asoc.local_hmacs != NULL) { struct sctp_auth_hmac_algo *hmacs; if (padding_len > 0) { @@ -5225,7 +5221,7 @@ sctp_send_initiate(struct sctp_inpcb *inp, struct sctp_tcb *stcb, int so_locked chunk_len += parameter_len; } /* add CHUNKS parameter */ - if (sctp_auth_get_chklist_size(stcb->asoc.local_auth_chunks) > 0) { + if (stcb->asoc.local_auth_chunks != NULL) { struct sctp_auth_chunk_list *chunks; if (padding_len > 0) { @@ -6337,35 +6333,42 @@ sctp_send_initiate_ack(struct sctp_inpcb *inp, struct sctp_tcb *stcb, /* And now tell the peer which extensions we support */ num_ext = 0; pr_supported = (struct sctp_supported_chunk_types_param *)(mtod(m, caddr_t) + chunk_len); - pr_supported->ph.param_type = htons(SCTP_SUPPORTED_CHUNK_EXT); - pr_supported->chunk_types[num_ext++] = SCTP_ASCONF; - pr_supported->chunk_types[num_ext++] = SCTP_ASCONF_ACK; if (((asoc != NULL) && (asoc->prsctp_supported == 1)) || ((asoc == NULL) && (inp->prsctp_supported == 1))) { pr_supported->chunk_types[num_ext++] = SCTP_FORWARD_CUM_TSN; } - if (((asoc != NULL) && (asoc->pktdrop_supported == 1)) || - ((asoc == NULL) && (inp->pktdrop_supported == 1))) { - pr_supported->chunk_types[num_ext++] = SCTP_PACKET_DROPPED; + if (((asoc != NULL) && (asoc->auth_supported == 1)) || + ((asoc == NULL) && (inp->auth_supported == 1))) { + pr_supported->chunk_types[num_ext++] = SCTP_AUTHENTICATION; + } + if (((asoc != NULL) && (asoc->asconf_supported == 1)) || + ((asoc == NULL) && (inp->asconf_supported == 1))) { + pr_supported->chunk_types[num_ext++] = SCTP_ASCONF; + pr_supported->chunk_types[num_ext++] = SCTP_ASCONF_ACK; } if (((asoc != NULL) && (asoc->reconfig_supported == 1)) || ((asoc == NULL) && (inp->reconfig_supported == 1))) { pr_supported->chunk_types[num_ext++] = SCTP_STREAM_RESET; } - if (!SCTP_BASE_SYSCTL(sctp_auth_disable)) { - pr_supported->chunk_types[num_ext++] = SCTP_AUTHENTICATION; - } if (((asoc != NULL) && (asoc->nrsack_supported == 1)) || ((asoc == NULL) && (inp->nrsack_supported == 1))) { pr_supported->chunk_types[num_ext++] = SCTP_NR_SELECTIVE_ACK; } - parameter_len = (uint16_t)sizeof(struct sctp_supported_chunk_types_param) + num_ext; - pr_supported->ph.param_length = htons(parameter_len); - padding_len = SCTP_SIZE32(parameter_len) - parameter_len; - chunk_len += parameter_len; - + if (((asoc != NULL) && (asoc->pktdrop_supported == 1)) || + ((asoc == NULL) && (inp->pktdrop_supported == 1))) { + pr_supported->chunk_types[num_ext++] = SCTP_PACKET_DROPPED; + } + if (num_ext > 0) { + parameter_len = (uint16_t)sizeof(struct sctp_supported_chunk_types_param) + num_ext; + pr_supported->ph.param_type = htons(SCTP_SUPPORTED_CHUNK_EXT); + pr_supported->ph.param_length = htons(parameter_len); + padding_len = SCTP_SIZE32(parameter_len) - parameter_len; + chunk_len += parameter_len; + } + /* add authentication parameters */ - if (!SCTP_BASE_SYSCTL(sctp_auth_disable)) { + if (((asoc != NULL) && (asoc->auth_supported == 1)) || + ((asoc == NULL) && (inp->auth_supported == 1))) { struct sctp_auth_random *randp; struct sctp_auth_hmac_algo *hmacs; struct sctp_auth_chunk_list *chunks; @@ -7943,7 +7946,6 @@ re_look: sctp_auth_key_acquire(stcb, chk->auth_keyid); chk->holds_key_ref = 1; } - #if defined(__FreeBSD__) || defined(__Panda__) chk->rec.data.TSN_seq = atomic_fetchadd_int(&asoc->sending_seq, 1); #else @@ -8236,7 +8238,6 @@ sctp_med_chunk_output(struct sctp_inpcb *inp, #endif *num_out = 0; auth_keyid = stcb->asoc.authinfo.active_keyid; - if ((asoc->state & SCTP_STATE_SHUTDOWN_PENDING) || (asoc->state & SCTP_STATE_SHUTDOWN_RECEIVED) || (sctp_is_feature_on(inp, SCTP_PCB_FLAGS_EXPLICIT_EOR))) { @@ -14473,12 +14474,7 @@ sctp_add_auth_chunk(struct mbuf *m, struct mbuf **m_end, (stcb == NULL)) return (m); - /* sysctl disabled auth? */ - if (SCTP_BASE_SYSCTL(sctp_auth_disable)) - return (m); - - /* peer doesn't do auth... */ - if (!stcb->asoc.peer_supports_auth) { + if (stcb->asoc.auth_supported == 0) { return (m); } /* does the requested chunk require auth? */ diff --git a/netinet/sctp_pcb.c b/netinet/sctp_pcb.c index 57295fd..0432964 100755 --- a/netinet/sctp_pcb.c +++ b/netinet/sctp_pcb.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_pcb.c 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_pcb.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -2843,6 +2843,12 @@ sctp_inpcb_alloc(struct socket *so, uint32_t vrf_id) inp->sctp_cmt_on_off = SCTP_BASE_SYSCTL(sctp_cmt_on_off); inp->ecn_supported = (uint8_t)SCTP_BASE_SYSCTL(sctp_ecn_enable); inp->prsctp_supported = (uint8_t)SCTP_BASE_SYSCTL(sctp_pr_enable); + if (SCTP_BASE_SYSCTL(sctp_auth_disable)) { + inp->auth_supported = 0; + } else { + inp->auth_supported = 1; + } + inp->asconf_supported = (uint8_t)SCTP_BASE_SYSCTL(sctp_asconf_enable); inp->reconfig_supported = (uint8_t)SCTP_BASE_SYSCTL(sctp_reconfig_enable); inp->nrsack_supported = (uint8_t)SCTP_BASE_SYSCTL(sctp_nrsack_enable); inp->pktdrop_supported = (uint8_t)SCTP_BASE_SYSCTL(sctp_pktdrop_enable); @@ -3094,12 +3100,15 @@ sctp_inpcb_alloc(struct socket *so, uint32_t vrf_id) */ m->local_hmacs = sctp_default_supported_hmaclist(); m->local_auth_chunks = sctp_alloc_chunklist(); + if (inp->asconf_supported) { + sctp_auth_add_chunk(SCTP_ASCONF, m->local_auth_chunks); + sctp_auth_add_chunk(SCTP_ASCONF_ACK, m->local_auth_chunks); + } m->default_dscp = 0; #ifdef INET6 m->default_flowlabel = 0; #endif m->port = 0; /* encapsulation disabled by default */ - sctp_auth_set_default_chunks(m->local_auth_chunks); LIST_INIT(&m->shared_keys); /* add default NULL key as key id 0 */ null_key = sctp_alloc_sharedkey(); @@ -7110,11 +7119,14 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, sctp_key_t *new_key; uint32_t keylen; int got_random = 0, got_hmacs = 0, got_chklist = 0; - uint8_t ecn_supported; - uint8_t prsctp_supported; - uint8_t reconfig_supported; - uint8_t nrsack_supported; - uint8_t pktdrop_supported; + uint8_t peer_supports_ecn; + uint8_t peer_supports_prsctp; + uint8_t peer_supports_auth; + uint8_t peer_supports_asconf; + uint8_t peer_supports_asconf_ack; + uint8_t peer_supports_reconfig; + uint8_t peer_supports_nrsack; + uint8_t peer_supports_pktdrop; #ifdef INET struct sockaddr_in sin; #endif @@ -7144,11 +7156,14 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, } else { sa = src; } - ecn_supported = 0; - prsctp_supported = 0; - reconfig_supported = 0; - nrsack_supported = 0; - pktdrop_supported = 0; + peer_supports_ecn = 0; + peer_supports_prsctp = 0; + peer_supports_auth = 0; + peer_supports_asconf = 0; + peer_supports_asconf = 0; + peer_supports_reconfig = 0; + peer_supports_nrsack = 0; + peer_supports_pktdrop = 0; TAILQ_FOREACH(net, &stcb->asoc.nets, sctp_next) { /* mark all addresses that we have currently on the list */ net->dest_state |= SCTP_ADDR_NOT_IN_ASSOC; @@ -7207,12 +7222,6 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, /* the assoc was freed? */ return (-4); } - /* - * peer must explicitly turn this on. This may have been initialized - * to be "on" in order to allow local addr changes while INIT's are - * in flight. - */ - stcb->asoc.peer_supports_asconf = 0; /* now we must go through each of the params. */ phdr = sctp_get_next_param(m, offset, &parm_buf, sizeof(parm_buf)); while (phdr) { @@ -7398,7 +7407,7 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, } else #endif if (ptype == SCTP_ECN_CAPABLE) { - ecn_supported = 1; + peer_supports_ecn = 1; } else if (ptype == SCTP_ULP_ADAPTATION) { if (stcb->asoc.state != SCTP_STATE_OPEN) { struct sctp_adaptation_layer_indication ai, *aip; @@ -7419,7 +7428,9 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, struct sctp_asconf_addrv4_param *fii; #endif - stcb->asoc.peer_supports_asconf = 1; + if (stcb->asoc.asconf_supported == 0) { + return (-100); + } if (plen > sizeof(lstore)) { return (-23); } @@ -7471,7 +7482,7 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, stcb->asoc.peer_supports_nat = 1; } else if (ptype == SCTP_PRSCTP_SUPPORTED) { /* Peer supports pr-sctp */ - prsctp_supported = 1; + peer_supports_prsctp = 1; } else if (ptype == SCTP_SUPPORTED_CHUNK_EXT) { /* A supported extension chunk */ struct sctp_supported_chunk_types_param *pr_supported; @@ -7483,30 +7494,29 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, if (phdr == NULL) { return (-25); } - stcb->asoc.peer_supports_asconf = 0; - stcb->asoc.peer_supports_auth = 0; pr_supported = (struct sctp_supported_chunk_types_param *)phdr; num_ent = plen - sizeof(struct sctp_paramhdr); for (i = 0; i < num_ent; i++) { switch (pr_supported->chunk_types[i]) { case SCTP_ASCONF: + peer_supports_asconf = 1; case SCTP_ASCONF_ACK: - stcb->asoc.peer_supports_asconf = 1; + peer_supports_asconf_ack = 1; break; case SCTP_FORWARD_CUM_TSN: - prsctp_supported = 1; + peer_supports_prsctp = 1; break; case SCTP_PACKET_DROPPED: - pktdrop_supported = 1; + peer_supports_pktdrop = 1; break; case SCTP_NR_SELECTIVE_ACK: - nrsack_supported = 1; + peer_supports_nrsack = 1; break; case SCTP_STREAM_RESET: - reconfig_supported = 1; + peer_supports_reconfig = 1; break; case SCTP_AUTHENTICATION: - stcb->asoc.peer_supports_auth = 1; + peer_supports_auth = 1; break; default: /* one I have not learned yet */ @@ -7643,25 +7653,47 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, struct mbuf *m, } } } - stcb->asoc.ecn_supported &= ecn_supported; - stcb->asoc.prsctp_supported &= prsctp_supported; - stcb->asoc.reconfig_supported &= reconfig_supported; - stcb->asoc.nrsack_supported &= nrsack_supported; - stcb->asoc.pktdrop_supported &= pktdrop_supported; - /* validate authentication required parameters */ - if (got_random && got_hmacs) { - stcb->asoc.peer_supports_auth = 1; - } else { - stcb->asoc.peer_supports_auth = 0; + if ((stcb->asoc.ecn_supported == 1) && + (peer_supports_ecn == 0)) { + stcb->asoc.ecn_supported = 0; } - if (!stcb->asoc.peer_supports_auth && got_chklist) { + if ((stcb->asoc.prsctp_supported == 1) && + (peer_supports_prsctp == 0)) { + stcb->asoc.prsctp_supported = 0; + } + if ((stcb->asoc.auth_supported == 1) && + ((peer_supports_auth == 0) || + (got_random == 0) || (got_hmacs == 0))) { + stcb->asoc.auth_supported = 0; + } + if ((stcb->asoc.asconf_supported == 1) && + ((peer_supports_asconf == 0) || (peer_supports_asconf_ack == 0) || + (stcb->asoc.auth_supported == 0) || + (saw_asconf == 0) || (saw_asconf_ack == 0))) { + stcb->asoc.asconf_supported = 0; + } + if ((stcb->asoc.reconfig_supported == 1) && + (peer_supports_reconfig == 0)) { + stcb->asoc.reconfig_supported = 0; + } + if ((stcb->asoc.nrsack_supported == 1) && + (peer_supports_nrsack == 0)) { + stcb->asoc.nrsack_supported = 0; + } + if ((stcb->asoc.pktdrop_supported == 1) && + (peer_supports_pktdrop == 0)){ + stcb->asoc.pktdrop_supported = 0; + } + /* validate authentication required parameters */ + if ((peer_supports_auth == 0) && (got_chklist == 1)) { /* peer does not support auth but sent a chunks list? */ return (-31); } - if (stcb->asoc.peer_supports_asconf && !stcb->asoc.peer_supports_auth) { + if ((peer_supports_asconf == 1) && (peer_supports_auth == 0)) { /* peer supports asconf but not auth? */ return (-32); - } else if ((stcb->asoc.peer_supports_asconf) && (stcb->asoc.peer_supports_auth) && + } else if ((peer_supports_asconf == 1) && + (peer_supports_auth == 1) && ((saw_asconf == 0) || (saw_asconf_ack == 0))) { return (-33); } diff --git a/netinet/sctp_pcb.h b/netinet/sctp_pcb.h index 2206f9f..d09bb59 100755 --- a/netinet/sctp_pcb.h +++ b/netinet/sctp_pcb.h @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_pcb.h 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_pcb.h 269858 2014-08-12 11:30:16Z tuexen $"); #endif #ifndef _NETINET_SCTP_PCB_H_ @@ -482,6 +482,8 @@ struct sctp_inpcb { uint32_t sctp_cmt_on_off; uint8_t ecn_supported; uint8_t prsctp_supported; + uint8_t auth_supported; + uint8_t asconf_supported; uint8_t reconfig_supported; uint8_t nrsack_supported; uint8_t pktdrop_supported; diff --git a/netinet/sctp_peeloff.c b/netinet/sctp_peeloff.c index eb4809a..beb11fb 100755 --- a/netinet/sctp_peeloff.c +++ b/netinet/sctp_peeloff.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_peeloff.c 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_peeloff.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -127,6 +127,8 @@ sctp_do_peeloff(struct socket *head, struct socket *so, sctp_assoc_t assoc_id) n_inp->sctp_cmt_on_off = inp->sctp_cmt_on_off; n_inp->ecn_supported = inp->ecn_supported; n_inp->prsctp_supported = inp->prsctp_supported; + n_inp->auth_supported = inp->auth_supported; + n_inp->asconf_supported = inp->asconf_supported; n_inp->reconfig_supported = inp->reconfig_supported; n_inp->nrsack_supported = inp->nrsack_supported; n_inp->pktdrop_supported = inp->pktdrop_supported; @@ -240,6 +242,8 @@ sctp_get_peeloff(struct socket *head, sctp_assoc_t assoc_id, int *error) n_inp->sctp_cmt_on_off = inp->sctp_cmt_on_off; n_inp->ecn_supported = inp->ecn_supported; n_inp->prsctp_supported = inp->prsctp_supported; + n_inp->auth_supported = inp->auth_supported; + n_inp->asconf_supported = inp->asconf_supported; n_inp->reconfig_supported = inp->reconfig_supported; n_inp->nrsack_supported = inp->nrsack_supported; n_inp->pktdrop_supported = inp->pktdrop_supported; diff --git a/netinet/sctp_structs.h b/netinet/sctp_structs.h index 1c42563..24bacb9 100755 --- a/netinet/sctp_structs.h +++ b/netinet/sctp_structs.h @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_structs.h 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_structs.h 269858 2014-08-12 11:30:16Z tuexen $"); #endif #ifndef _NETINET_SCTP_STRUCTS_H_ @@ -1203,6 +1203,8 @@ struct sctp_association { /* Flags whether an extension is supported or not */ uint8_t ecn_supported; uint8_t prsctp_supported; + uint8_t auth_supported; + uint8_t asconf_supported; uint8_t reconfig_supported; uint8_t nrsack_supported; uint8_t pktdrop_supported; @@ -1210,10 +1212,6 @@ struct sctp_association { /* Did the peer make the stream config (add out) request */ uint8_t peer_req_out; - /* flag to indicate if peer can do asconf */ - uint8_t peer_supports_asconf; - /* peer authentication support flag */ - uint8_t peer_supports_auth; uint8_t local_strreset_support; uint8_t peer_supports_nat; diff --git a/netinet/sctp_sysctl.c b/netinet/sctp_sysctl.c index 874fe56..3dc41d6 100755 --- a/netinet/sctp_sysctl.c +++ b/netinet/sctp_sysctl.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_sysctl.c 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_sysctl.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -62,6 +62,8 @@ sctp_init_sysctls() SCTP_BASE_SYSCTL(sctp_multiple_asconfs) = SCTPCTL_MULTIPLEASCONFS_DEFAULT; SCTP_BASE_SYSCTL(sctp_ecn_enable) = SCTPCTL_ECN_ENABLE_DEFAULT; SCTP_BASE_SYSCTL(sctp_pr_enable) = SCTPCTL_PR_ENABLE_DEFAULT; + SCTP_BASE_SYSCTL(sctp_auth_disable) = SCTPCTL_AUTH_DISABLE_DEFAULT; + SCTP_BASE_SYSCTL(sctp_asconf_enable) = SCTPCTL_ASCONF_ENABLE_DEFAULT; SCTP_BASE_SYSCTL(sctp_reconfig_enable) = SCTPCTL_RECONFIG_ENABLE_DEFAULT; SCTP_BASE_SYSCTL(sctp_nrsack_enable) = SCTPCTL_NRSACK_ENABLE_DEFAULT; SCTP_BASE_SYSCTL(sctp_pktdrop_enable) = SCTPCTL_PKTDROP_ENABLE_DEFAULT; @@ -102,7 +104,6 @@ sctp_init_sysctls() SCTP_BASE_SYSCTL(sctp_cmt_on_off) = SCTPCTL_CMT_ON_OFF_DEFAULT; SCTP_BASE_SYSCTL(sctp_cmt_use_dac) = SCTPCTL_CMT_USE_DAC_DEFAULT; SCTP_BASE_SYSCTL(sctp_use_cwnd_based_maxburst) = SCTPCTL_CWND_MAXBURST_DEFAULT; - SCTP_BASE_SYSCTL(sctp_auth_disable) = SCTPCTL_AUTH_DISABLE_DEFAULT; SCTP_BASE_SYSCTL(sctp_nat_friendly) = SCTPCTL_NAT_FRIENDLY_DEFAULT; SCTP_BASE_SYSCTL(sctp_L2_abc_variable) = SCTPCTL_ABC_L_VAR_DEFAULT; SCTP_BASE_SYSCTL(sctp_mbuf_threshold_count) = SCTPCTL_MAX_CHAINED_MBUFS_DEFAULT; @@ -672,8 +673,8 @@ skip: else if ((var) > (max)) { (var) = (max); } #else #define RANGECHK(var, min, max) \ - if ((var) <= (min)) { (var) = (min); } \ - else if ((var) >= (max)) { (var) = (max); } + if ((var) < (min)) { (var) = (min); } \ + else if ((var) > (max)) { (var) = (max); } #endif #if defined(__APPLE__) @@ -815,7 +816,6 @@ sysctl_sctp_check(SYSCTL_HANDLER_ARGS) RANGECHK(SCTP_BASE_SYSCTL(sctp_cmt_on_off), SCTPCTL_CMT_ON_OFF_MIN, SCTPCTL_CMT_ON_OFF_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_cmt_use_dac), SCTPCTL_CMT_USE_DAC_MIN, SCTPCTL_CMT_USE_DAC_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_use_cwnd_based_maxburst), SCTPCTL_CWND_MAXBURST_MIN, SCTPCTL_CWND_MAXBURST_MAX); - RANGECHK(SCTP_BASE_SYSCTL(sctp_auth_disable), SCTPCTL_AUTH_DISABLE_MIN, SCTPCTL_AUTH_DISABLE_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_nat_friendly), SCTPCTL_NAT_FRIENDLY_MIN, SCTPCTL_NAT_FRIENDLY_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_L2_abc_variable), SCTPCTL_ABC_L_VAR_MIN, SCTPCTL_ABC_L_VAR_MAX); RANGECHK(SCTP_BASE_SYSCTL(sctp_mbuf_threshold_count), SCTPCTL_MAX_CHAINED_MBUFS_MIN, SCTPCTL_MAX_CHAINED_MBUFS_MAX); @@ -867,6 +867,80 @@ sysctl_sctp_check(SYSCTL_HANDLER_ARGS) return (error); } +#if defined(__APPLE__) +static int +sysctl_sctp_auth_check SYSCTL_HANDLER_ARGS +{ +#pragma unused(arg1, arg2) +#else +static int +sysctl_sctp_auth_check(SYSCTL_HANDLER_ARGS) +{ +#endif + int error; + +#if defined(__FreeBSD__) && __FreeBSD_version >= 800056 && __FreeBSD_version < 1000100 +#ifdef VIMAGE + error = vnet_sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); +#else + error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); +#endif +#else + error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); +#endif + if (error == 0) { + if (SCTP_BASE_SYSCTL(sctp_auth_disable) < SCTPCTL_AUTH_DISABLE_MIN) { + SCTP_BASE_SYSCTL(sctp_auth_disable) = SCTPCTL_AUTH_DISABLE_MIN; + } + if (SCTP_BASE_SYSCTL(sctp_auth_disable) > SCTPCTL_AUTH_DISABLE_MAX) { + SCTP_BASE_SYSCTL(sctp_auth_disable) = SCTPCTL_AUTH_DISABLE_MAX; + } + if ((SCTP_BASE_SYSCTL(sctp_auth_disable) == 1) && + (SCTP_BASE_SYSCTL(sctp_asconf_enable) == 1)) { + /* You can't disable AUTH with disabling ASCONF first */ + SCTP_BASE_SYSCTL(sctp_auth_disable) = 0; + } + } + return (error); +} + +#if defined(__APPLE__) +static int +sysctl_sctp_asconf_check SYSCTL_HANDLER_ARGS +{ +#pragma unused(arg1, arg2) +#else +static int +sysctl_sctp_asconf_check(SYSCTL_HANDLER_ARGS) +{ +#endif + int error; + +#if defined(__FreeBSD__) && __FreeBSD_version >= 800056 && __FreeBSD_version < 1000100 +#ifdef VIMAGE + error = vnet_sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); +#else + error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); +#endif +#else + error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); +#endif + if (error == 0) { + if (SCTP_BASE_SYSCTL(sctp_asconf_enable) < SCTPCTL_ASCONF_ENABLE_MIN) { + SCTP_BASE_SYSCTL(sctp_asconf_enable) = SCTPCTL_ASCONF_ENABLE_MIN; + } + if (SCTP_BASE_SYSCTL(sctp_asconf_enable) > SCTPCTL_ASCONF_ENABLE_MAX) { + SCTP_BASE_SYSCTL(sctp_asconf_enable) = SCTPCTL_ASCONF_ENABLE_MAX; + } + if ((SCTP_BASE_SYSCTL(sctp_asconf_enable) == 1) && + (SCTP_BASE_SYSCTL(sctp_auth_disable) == 1)) { + /* You can't enable ASCONF without enabling AUTH first */ + SCTP_BASE_SYSCTL(sctp_asconf_enable) = 0; + } + } + return (error); +} + #if defined(__FreeBSD__) && defined(SMP) && defined(SCTP_USE_PERCPU_STAT) static int sysctl_stat_get(SYSCTL_HANDLER_ARGS) @@ -1089,6 +1163,14 @@ SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, pr_enable, CTLTYPE_UINT|CTLFLAG_RW, &SCTP_BASE_SYSCTL(sctp_pr_enable), 0, sysctl_sctp_check, "IU", SCTPCTL_PR_ENABLE_DESC); +SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, auth_disable, CTLTYPE_UINT|CTLFLAG_RW, + &SCTP_BASE_SYSCTL(sctp_auth_disable), 0, sysctl_sctp_auth_check, "IU", + SCTPCTL_AUTH_DISABLE_DESC); + +SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, asconf_enable, CTLTYPE_UINT|CTLFLAG_RW, + &SCTP_BASE_SYSCTL(sctp_asconf_enable), 0, sysctl_sctp_asconf_check, "IU", + SCTPCTL_ASCONF_ENABLE_DESC); + SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, reconfig_enable, CTLTYPE_UINT|CTLFLAG_RW, &SCTP_BASE_SYSCTL(sctp_reconfig_enable), 0, sysctl_sctp_check, "IU", SCTPCTL_RECONFIG_ENABLE_DESC); @@ -1243,10 +1325,6 @@ SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, cwnd_maxburst, CTLTYPE_UINT|CTLFLAG_R &SCTP_BASE_SYSCTL(sctp_use_cwnd_based_maxburst), 0, sysctl_sctp_check, "IU", SCTPCTL_CWND_MAXBURST_DESC); -SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, auth_disable, CTLTYPE_UINT|CTLFLAG_RW, - &SCTP_BASE_SYSCTL(sctp_auth_disable), 0, sysctl_sctp_check, "IU", - SCTPCTL_AUTH_DISABLE_DESC); - SYSCTL_VNET_PROC(_net_inet_sctp, OID_AUTO, nat_friendly, CTLTYPE_UINT|CTLFLAG_RW, &SCTP_BASE_SYSCTL(sctp_nat_friendly), 0, sysctl_sctp_check, "IU", SCTPCTL_NAT_FRIENDLY_DESC); @@ -1446,6 +1524,14 @@ void sysctl_setup_sctp(void) &SCTP_BASE_SYSCTL(sctp_pr_enable), 0, sysctl_sctp_check, SCTPCTL_PR_ENABLE_DESC); + sysctl_add_oid(&sysctl_oid_top, "auth_disable", CTLTYPE_INT|CTLFLAG_RW, + &SCTP_BASE_SYSCTL(sctp_auth_disable), 0, sysctl_sctp_auth_check, + SCTPCTL_AUTH_DISABLE_DESC); + + sysctl_add_oid(&sysctl_oid_top, "asconf_enable", CTLTYPE_INT|CTLFLAG_RW, + &SCTP_BASE_SYSCTL(sctp_asconf_enable), 0, sysctl_sctp_asconf_check, + SCTPCTL_ASCONF_ENABLE_DESC); + sysctl_add_oid(&sysctl_oid_top, "reconfig_enable", CTLTYPE_INT|CTLFLAG_RW, &SCTP_BASE_SYSCTL(sctp_reconfig_enable), 0, sysctl_sctp_check, SCTPCTL_RECONFIG_ENABLE_DESC); @@ -1594,10 +1680,6 @@ void sysctl_setup_sctp(void) &SCTP_BASE_SYSCTL(sctp_use_cwnd_based_maxburst), 0, sysctl_sctp_check, SCTPCTL_CWND_MAXBURST_DESC); - sysctl_add_oid(&sysctl_oid_top, "auth_disable", CTLTYPE_INT|CTLFLAG_RW, - &SCTP_BASE_SYSCTL(sctp_auth_disable), 0, sysctl_sctp_check, - SCTPCTL_AUTH_DISABLE_DESC); - sysctl_add_oid(&sysctl_oid_top, "nat_friendly", CTLTYPE_INT|CTLFLAG_RW, &SCTP_BASE_SYSCTL(sctp_nat_friendly), 0, sysctl_sctp_check, SCTPCTL_NAT_FRIENDLY_DESC); diff --git a/netinet/sctp_sysctl.h b/netinet/sctp_sysctl.h index 6de8e7f..452654e 100755 --- a/netinet/sctp_sysctl.h +++ b/netinet/sctp_sysctl.h @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_sysctl.h 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_sysctl.h 269858 2014-08-12 11:30:16Z tuexen $"); #endif #ifndef _NETINET_SCTP_SYSCTL_H_ @@ -48,6 +48,8 @@ struct sctp_sysctl { uint32_t sctp_multiple_asconfs; uint32_t sctp_ecn_enable; uint32_t sctp_pr_enable; + uint32_t sctp_auth_disable; + uint32_t sctp_asconf_enable; uint32_t sctp_reconfig_enable; uint32_t sctp_nrsack_enable; uint32_t sctp_pktdrop_enable; @@ -88,7 +90,6 @@ struct sctp_sysctl { uint32_t sctp_cmt_on_off; uint32_t sctp_cmt_use_dac; uint32_t sctp_use_cwnd_based_maxburst; - uint32_t sctp_auth_disable; uint32_t sctp_nat_friendly; uint32_t sctp_L2_abc_variable; uint32_t sctp_mbuf_threshold_count; @@ -179,6 +180,18 @@ struct sctp_sysctl { #define SCTPCTL_PR_ENABLE_MAX 1 #define SCTPCTL_PR_ENABLE_DEFAULT 1 +/* auth_disable: Disable SCTP AUTH function */ +#define SCTPCTL_AUTH_DISABLE_DESC "Disable SCTP AUTH function" +#define SCTPCTL_AUTH_DISABLE_MIN 0 +#define SCTPCTL_AUTH_DISABLE_MAX 1 +#define SCTPCTL_AUTH_DISABLE_DEFAULT 0 + +/* asconf_enable: Enable SCTP ASCONF */ +#define SCTPCTL_ASCONF_ENABLE_DESC "Enable SCTP ASCONF" +#define SCTPCTL_ASCONF_ENABLE_MIN 0 +#define SCTPCTL_ASCONF_ENABLE_MAX 1 +#define SCTPCTL_ASCONF_ENABLE_DEFAULT 1 + /* reconfig_enable: Enable SCTP RE-CONFIG */ #define SCTPCTL_RECONFIG_ENABLE_DESC "Enable SCTP RE-CONFIG" #define SCTPCTL_RECONFIG_ENABLE_MIN 0 @@ -396,12 +409,6 @@ struct sctp_sysctl { #define SCTPCTL_CWND_MAXBURST_MAX 1 #define SCTPCTL_CWND_MAXBURST_DEFAULT 1 -/* auth_disable: Disable SCTP AUTH function */ -#define SCTPCTL_AUTH_DISABLE_DESC "Disable SCTP AUTH function" -#define SCTPCTL_AUTH_DISABLE_MIN 0 -#define SCTPCTL_AUTH_DISABLE_MAX 1 -#define SCTPCTL_AUTH_DISABLE_DEFAULT 0 - /* nat_friendly: SCTP NAT friendly operation */ #define SCTPCTL_NAT_FRIENDLY_DESC "SCTP NAT friendly operation" #define SCTPCTL_NAT_FRIENDLY_MIN 0 diff --git a/netinet/sctp_usrreq.c b/netinet/sctp_usrreq.c index 739c8cf..879e7f1 100755 --- a/netinet/sctp_usrreq.c +++ b/netinet/sctp_usrreq.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctp_usrreq.c 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctp_usrreq.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -4056,6 +4056,60 @@ sctp_getopt(struct socket *so, int optname, void *optval, size_t *optsize, } break; } + case SCTP_AUTH_SUPPORTED: + { + struct sctp_assoc_value *av; + + SCTP_CHECK_AND_CAST(av, optval, struct sctp_assoc_value, *optsize); + SCTP_FIND_STCB(inp, stcb, av->assoc_id); + + if (stcb) { + av->assoc_value = stcb->asoc.auth_supported; + SCTP_TCB_UNLOCK(stcb); + } else { + if ((inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) || + (inp->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) || + (av->assoc_id == SCTP_FUTURE_ASSOC)) { + SCTP_INP_RLOCK(inp); + av->assoc_value = inp->auth_supported; + SCTP_INP_RUNLOCK(inp); + } else { + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL); + error = EINVAL; + } + } + if (error == 0) { + *optsize = sizeof(struct sctp_assoc_value); + } + break; + } + case SCTP_ASCONF_SUPPORTED: + { + struct sctp_assoc_value *av; + + SCTP_CHECK_AND_CAST(av, optval, struct sctp_assoc_value, *optsize); + SCTP_FIND_STCB(inp, stcb, av->assoc_id); + + if (stcb) { + av->assoc_value = stcb->asoc.asconf_supported; + SCTP_TCB_UNLOCK(stcb); + } else { + if ((inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) || + (inp->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) || + (av->assoc_id == SCTP_FUTURE_ASSOC)) { + SCTP_INP_RLOCK(inp); + av->assoc_value = inp->asconf_supported; + SCTP_INP_RUNLOCK(inp); + } else { + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL); + error = EINVAL; + } + } + if (error == 0) { + *optsize = sizeof(struct sctp_assoc_value); + } + break; + } case SCTP_RECONFIG_SUPPORTED: { struct sctp_assoc_value *av; @@ -6955,6 +7009,86 @@ sctp_setopt(struct socket *so, int optname, void *optval, size_t optsize, } break; } + case SCTP_AUTH_SUPPORTED: + { + struct sctp_assoc_value *av; + + SCTP_CHECK_AND_CAST(av, optval, struct sctp_assoc_value, optsize); + SCTP_FIND_STCB(inp, stcb, av->assoc_id); + + if (stcb) { + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL); + error = EINVAL; + SCTP_TCB_UNLOCK(stcb); + } else { + if ((inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) || + (inp->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) || + (av->assoc_id == SCTP_FUTURE_ASSOC)) { + if ((av->assoc_value == 0) && + (inp->asconf_supported == 1)) { + /* AUTH is required for ASCONF */ + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL); + error = EINVAL; + } else { + SCTP_INP_WLOCK(inp); + if (av->assoc_value == 0) { + inp->auth_supported = 0; + } else { + inp->auth_supported = 1; + } + SCTP_INP_WUNLOCK(inp); + } + } else { + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL); + error = EINVAL; + } + } + break; + } + case SCTP_ASCONF_SUPPORTED: + { + struct sctp_assoc_value *av; + + SCTP_CHECK_AND_CAST(av, optval, struct sctp_assoc_value, optsize); + SCTP_FIND_STCB(inp, stcb, av->assoc_id); + + if (stcb) { + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL); + error = EINVAL; + SCTP_TCB_UNLOCK(stcb); + } else { + if ((inp->sctp_flags & SCTP_PCB_FLAGS_TCPTYPE) || + (inp->sctp_flags & SCTP_PCB_FLAGS_IN_TCPPOOL) || + (av->assoc_id == SCTP_FUTURE_ASSOC)) { + if ((av->assoc_value != 0) && + (inp->auth_supported == 0)) { + /* AUTH is required for ASCONF */ + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL); + error = EINVAL; + } else { + SCTP_INP_WLOCK(inp); + if (av->assoc_value == 0) { + inp->asconf_supported = 0; + sctp_auth_delete_chunk(SCTP_ASCONF, + inp->sctp_ep.local_auth_chunks); + sctp_auth_delete_chunk(SCTP_ASCONF_ACK, + inp->sctp_ep.local_auth_chunks); + } else { + inp->asconf_supported = 1; + sctp_auth_add_chunk(SCTP_ASCONF, + inp->sctp_ep.local_auth_chunks); + sctp_auth_add_chunk(SCTP_ASCONF_ACK, + inp->sctp_ep.local_auth_chunks); + } + SCTP_INP_WUNLOCK(inp); + } + } else { + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL); + error = EINVAL; + } + } + break; + } case SCTP_RECONFIG_SUPPORTED: { struct sctp_assoc_value *av; diff --git a/netinet/sctputil.c b/netinet/sctputil.c index 754a9ad..e240bff 100755 --- a/netinet/sctputil.c +++ b/netinet/sctputil.c @@ -32,7 +32,7 @@ #ifdef __FreeBSD__ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: head/sys/netinet/sctputil.c 269527 2014-08-04 20:07:35Z tuexen $"); +__FBSDID("$FreeBSD: head/sys/netinet/sctputil.c 269858 2014-08-12 11:30:16Z tuexen $"); #endif #include <netinet/sctp_os.h> @@ -974,6 +974,8 @@ sctp_init_asoc(struct sctp_inpcb *inp, struct sctp_tcb *stcb, asoc->sctp_cmt_on_off = inp->sctp_cmt_on_off; asoc->ecn_supported = inp->ecn_supported; asoc->prsctp_supported = inp->prsctp_supported; + asoc->auth_supported = inp->auth_supported; + asoc->asconf_supported = inp->asconf_supported; asoc->reconfig_supported = inp->reconfig_supported; asoc->nrsack_supported = inp->nrsack_supported; asoc->pktdrop_supported = inp->pktdrop_supported; @@ -2741,17 +2743,17 @@ sctp_notify_assoc_change(uint16_t state, struct sctp_tcb *stcb, if (notif_len > sizeof(struct sctp_assoc_change)) { if ((state == SCTP_COMM_UP) || (state == SCTP_RESTART)) { i = 0; - if (stcb->asoc.prsctp_supported) { + if (stcb->asoc.prsctp_supported == 1) { sac->sac_info[i++] = SCTP_ASSOC_SUPPORTS_PR; } - if (stcb->asoc.peer_supports_auth) { + if (stcb->asoc.auth_supported == 1) { sac->sac_info[i++] = SCTP_ASSOC_SUPPORTS_AUTH; } - if (stcb->asoc.peer_supports_asconf) { + if (stcb->asoc.asconf_supported == 1) { sac->sac_info[i++] = SCTP_ASSOC_SUPPORTS_ASCONF; } sac->sac_info[i++] = SCTP_ASSOC_SUPPORTS_MULTIBUF; - if (stcb->asoc.reconfig_supported) { + if (stcb->asoc.reconfig_supported == 1) { sac->sac_info[i++] = SCTP_ASSOC_SUPPORTS_RE_CONFIG; } sac->sac_length += i; @@ -3695,7 +3697,7 @@ sctp_ulp_notify(uint32_t notification, struct sctp_tcb *stcb, if (stcb->asoc.adaptation_needed && (stcb->asoc.adaptation_sent == 0)) { sctp_notify_adaptation_layer(stcb); } - if (stcb->asoc.peer_supports_auth == 0) { + if (stcb->asoc.auth_supported == 0) { sctp_ulp_notify(SCTP_NOTIFY_NO_PEER_AUTH, stcb, 0, NULL, so_locked); } @@ -3784,7 +3786,7 @@ sctp_ulp_notify(uint32_t notification, struct sctp_tcb *stcb, break; case SCTP_NOTIFY_ASSOC_RESTART: sctp_notify_assoc_change(SCTP_RESTART, stcb, error, NULL, 0, so_locked); - if (stcb->asoc.peer_supports_auth == 0) { + if (stcb->asoc.auth_supported == 0) { sctp_ulp_notify(SCTP_NOTIFY_NO_PEER_AUTH, stcb, 0, NULL, so_locked); } diff --git a/user_socket.c b/user_socket.c index 8810214..13dd8fd 100755 --- a/user_socket.c +++ b/user_socket.c @@ -710,6 +710,7 @@ userspace_sctp_sendmsg(struct socket *so, struct uio auio; struct iovec iov[1]; + memset(sinfo, 0, sizeof(struct sctp_sndrcvinfo)); sinfo->sinfo_ppid = ppid; sinfo->sinfo_flags = flags; sinfo->sinfo_stream = stream_no; @@ -3248,6 +3249,8 @@ USRSCTP_SYSCTL_SET_DEF(sctp_auto_asconf) USRSCTP_SYSCTL_SET_DEF(sctp_multiple_asconfs) USRSCTP_SYSCTL_SET_DEF(sctp_ecn_enable) USRSCTP_SYSCTL_SET_DEF(sctp_pr_enable) +USRSCTP_SYSCTL_SET_DEF(sctp_auth_disable) +USRSCTP_SYSCTL_SET_DEF(sctp_asconf_enable) USRSCTP_SYSCTL_SET_DEF(sctp_reconfig_enable) USRSCTP_SYSCTL_SET_DEF(sctp_nrsack_enable) USRSCTP_SYSCTL_SET_DEF(sctp_pktdrop_enable) @@ -3283,7 +3286,6 @@ USRSCTP_SYSCTL_SET_DEF(sctp_nr_outgoing_streams_default) USRSCTP_SYSCTL_SET_DEF(sctp_cmt_on_off) USRSCTP_SYSCTL_SET_DEF(sctp_cmt_use_dac) USRSCTP_SYSCTL_SET_DEF(sctp_use_cwnd_based_maxburst) -USRSCTP_SYSCTL_SET_DEF(sctp_auth_disable) USRSCTP_SYSCTL_SET_DEF(sctp_nat_friendly) USRSCTP_SYSCTL_SET_DEF(sctp_L2_abc_variable) USRSCTP_SYSCTL_SET_DEF(sctp_mbuf_threshold_count) @@ -3329,6 +3331,8 @@ USRSCTP_SYSCTL_GET_DEF(sctp_auto_asconf) USRSCTP_SYSCTL_GET_DEF(sctp_multiple_asconfs) USRSCTP_SYSCTL_GET_DEF(sctp_ecn_enable) USRSCTP_SYSCTL_GET_DEF(sctp_pr_enable) +USRSCTP_SYSCTL_GET_DEF(sctp_auth_disable) +USRSCTP_SYSCTL_GET_DEF(sctp_asconf_enable) USRSCTP_SYSCTL_GET_DEF(sctp_reconfig_enable) USRSCTP_SYSCTL_GET_DEF(sctp_nrsack_enable) USRSCTP_SYSCTL_GET_DEF(sctp_pktdrop_enable) @@ -3364,7 +3368,6 @@ USRSCTP_SYSCTL_GET_DEF(sctp_nr_outgoing_streams_default) USRSCTP_SYSCTL_GET_DEF(sctp_cmt_on_off) USRSCTP_SYSCTL_GET_DEF(sctp_cmt_use_dac) USRSCTP_SYSCTL_GET_DEF(sctp_use_cwnd_based_maxburst) -USRSCTP_SYSCTL_GET_DEF(sctp_auth_disable) USRSCTP_SYSCTL_GET_DEF(sctp_nat_friendly) USRSCTP_SYSCTL_GET_DEF(sctp_L2_abc_variable) USRSCTP_SYSCTL_GET_DEF(sctp_mbuf_threshold_count) @@ -983,7 +983,7 @@ usrsctp_dumppacket(void *, size_t, int); void usrsctp_freedumpbuffer(char *); -#define USRSCTP_SYSCTL_DECL(__field) \ +#define USRSCTP_SYSCTL_DECL(__field) \ void usrsctp_sysctl_set_ ## __field(uint32_t value);\ uint32_t usrsctp_sysctl_get_ ## __field(void); @@ -993,6 +993,8 @@ USRSCTP_SYSCTL_DECL(sctp_auto_asconf) USRSCTP_SYSCTL_DECL(sctp_multiple_asconfs) USRSCTP_SYSCTL_DECL(sctp_ecn_enable) USRSCTP_SYSCTL_DECL(sctp_pr_enable) +USRSCTP_SYSCTL_DECL(sctp_auth_disable) +USRSCTP_SYSCTL_DECL(sctp_asconf_enable) USRSCTP_SYSCTL_DECL(sctp_reconfig_enable) USRSCTP_SYSCTL_DECL(sctp_nrsack_enable) USRSCTP_SYSCTL_DECL(sctp_pktdrop_enable) @@ -1029,7 +1031,6 @@ USRSCTP_SYSCTL_DECL(sctp_nr_outgoing_streams_default) USRSCTP_SYSCTL_DECL(sctp_cmt_on_off) USRSCTP_SYSCTL_DECL(sctp_cmt_use_dac) USRSCTP_SYSCTL_DECL(sctp_use_cwnd_based_maxburst) -USRSCTP_SYSCTL_DECL(sctp_auth_disable) USRSCTP_SYSCTL_DECL(sctp_nat_friendly) USRSCTP_SYSCTL_DECL(sctp_L2_abc_variable) USRSCTP_SYSCTL_DECL(sctp_mbuf_threshold_count) |